1 /* $NetBSD: if_tun.c,v 1.14 1994/06/29 06:36:25 cgd Exp $ */ 2 3 /* 4 * Copyright (c) 1988, Julian Onions <jpo@cs.nott.ac.uk> 5 * Nottingham University 1987. 6 * 7 * This source may be freely distributed, however I would be interested 8 * in any changes that are made. 9 * 10 * This driver takes packets off the IP i/f and hands them up to a 11 * user process to have its wicked way with. This driver has it's 12 * roots in a similar driver written by Phil Cockcroft (formerly) at 13 * UCL. This driver is based much more on read/write/poll mode of 14 * operation though. 15 * 16 * $FreeBSD: src/sys/net/if_tun.c,v 1.74.2.8 2002/02/13 00:43:11 dillon Exp $ 17 * $DragonFly: src/sys/net/tun/if_tun.c,v 1.15 2004/06/02 14:42:59 eirikn Exp $ 18 */ 19 20 #include "opt_atalk.h" 21 #include "opt_inet.h" 22 #include "opt_inet6.h" 23 #include "opt_ipx.h" 24 25 #include <sys/param.h> 26 #include <sys/proc.h> 27 #include <sys/systm.h> 28 #include <sys/mbuf.h> 29 #include <sys/socket.h> 30 #include <sys/filio.h> 31 #include <sys/sockio.h> 32 #include <sys/ttycom.h> 33 #include <sys/poll.h> 34 #include <sys/signalvar.h> 35 #include <sys/filedesc.h> 36 #include <sys/kernel.h> 37 #include <sys/sysctl.h> 38 #include <sys/conf.h> 39 #include <sys/uio.h> 40 #include <sys/vnode.h> 41 #include <sys/malloc.h> 42 43 #include <net/if.h> 44 #include <net/if_types.h> 45 #include <net/netisr.h> 46 #include <net/route.h> 47 48 #ifdef INET 49 #include <netinet/in.h> 50 #endif 51 52 #include <net/bpf.h> 53 54 #include "if_tunvar.h" 55 #include "if_tun.h" 56 57 static MALLOC_DEFINE(M_TUN, "tun", "Tunnel Interface"); 58 59 static void tunattach (void *); 60 PSEUDO_SET(tunattach, if_tun); 61 62 static void tuncreate (dev_t dev); 63 64 #define TUNDEBUG if (tundebug) printf 65 static int tundebug = 0; 66 SYSCTL_INT(_debug, OID_AUTO, if_tun_debug, CTLFLAG_RW, &tundebug, 0, ""); 67 68 static int tunoutput (struct ifnet *, struct mbuf *, struct sockaddr *, 69 struct rtentry *rt); 70 static int tunifioctl (struct ifnet *, u_long, caddr_t, struct ucred *); 71 static int tuninit (struct ifnet *); 72 73 static d_open_t tunopen; 74 static d_close_t tunclose; 75 static d_read_t tunread; 76 static d_write_t tunwrite; 77 static d_ioctl_t tunioctl; 78 static d_poll_t tunpoll; 79 80 #define CDEV_MAJOR 52 81 static struct cdevsw tun_cdevsw = { 82 /* name */ "tun", 83 /* maj */ CDEV_MAJOR, 84 /* flags */ 0, 85 /* port */ NULL, 86 /* clone */ NULL, 87 88 /* open */ tunopen, 89 /* close */ tunclose, 90 /* read */ tunread, 91 /* write */ tunwrite, 92 /* ioctl */ tunioctl, 93 /* poll */ tunpoll, 94 /* mmap */ nommap, 95 /* strategy */ nostrategy, 96 /* dump */ nodump, 97 /* psize */ nopsize 98 }; 99 100 static void 101 tunattach(void *dummy) 102 { 103 cdevsw_add(&tun_cdevsw, 0, 0); 104 } 105 106 static void 107 tuncreate(dev) 108 dev_t dev; 109 { 110 struct tun_softc *sc; 111 struct ifnet *ifp; 112 113 dev = make_dev(&tun_cdevsw, minor(dev), 114 UID_UUCP, GID_DIALER, 0600, "tun%d", lminor(dev)); 115 116 MALLOC(sc, struct tun_softc *, sizeof(*sc), M_TUN, M_WAITOK); 117 bzero(sc, sizeof *sc); 118 sc->tun_flags = TUN_INITED; 119 120 ifp = &sc->tun_if; 121 if_initname(ifp, "tun", lminor(dev)); 122 ifp->if_mtu = TUNMTU; 123 ifp->if_ioctl = tunifioctl; 124 ifp->if_output = tunoutput; 125 ifp->if_flags = IFF_POINTOPOINT | IFF_MULTICAST; 126 ifp->if_type = IFT_PPP; 127 ifp->if_snd.ifq_maxlen = ifqmaxlen; 128 ifp->if_softc = sc; 129 if_attach(ifp); 130 bpfattach(ifp, DLT_NULL, sizeof(u_int)); 131 dev->si_drv1 = sc; 132 } 133 134 /* 135 * tunnel open - must be superuser & the device must be 136 * configured in 137 */ 138 static int 139 tunopen(dev_t dev, int flag, int mode, struct thread *td) 140 { 141 struct ifnet *ifp; 142 struct tun_softc *tp; 143 int error; 144 145 KKASSERT(td->td_proc); 146 if ((error = suser(td)) != NULL) 147 return (error); 148 149 tp = dev->si_drv1; 150 if (!tp) { 151 tuncreate(dev); 152 tp = dev->si_drv1; 153 } 154 if (tp->tun_flags & TUN_OPEN) 155 return EBUSY; 156 tp->tun_pid = td->td_proc->p_pid; 157 ifp = &tp->tun_if; 158 tp->tun_flags |= TUN_OPEN; 159 TUNDEBUG("%s: open\n", ifp->if_xname); 160 return (0); 161 } 162 163 /* 164 * tunclose - close the device - mark i/f down & delete 165 * routing info 166 */ 167 static int 168 tunclose(dev_t dev, int foo, int bar, struct thread *td) 169 { 170 int s; 171 struct tun_softc *tp; 172 struct ifnet *ifp; 173 struct mbuf *m; 174 175 tp = dev->si_drv1; 176 ifp = &tp->tun_if; 177 178 tp->tun_flags &= ~TUN_OPEN; 179 tp->tun_pid = 0; 180 181 /* 182 * junk all pending output 183 */ 184 do { 185 s = splimp(); 186 IF_DEQUEUE(&ifp->if_snd, m); 187 splx(s); 188 if (m) 189 m_freem(m); 190 } while (m); 191 192 if (ifp->if_flags & IFF_UP) { 193 s = splimp(); 194 if_down(ifp); 195 splx(s); 196 } 197 198 if (ifp->if_flags & IFF_RUNNING) { 199 struct ifaddr *ifa; 200 201 s = splimp(); 202 /* find internet addresses and delete routes */ 203 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) 204 if (ifa->ifa_addr->sa_family == AF_INET) 205 rtinit(ifa, (int)RTM_DELETE, 206 tp->tun_flags & TUN_DSTADDR ? RTF_HOST : 0); 207 ifp->if_flags &= ~IFF_RUNNING; 208 splx(s); 209 } 210 211 funsetown(tp->tun_sigio); 212 selwakeup(&tp->tun_rsel); 213 214 TUNDEBUG ("%s: closed\n", ifp->if_xname); 215 return (0); 216 } 217 218 static int 219 tuninit(ifp) 220 struct ifnet *ifp; 221 { 222 struct tun_softc *tp = ifp->if_softc; 223 struct ifaddr *ifa; 224 int error = 0; 225 226 TUNDEBUG("%s: tuninit\n", ifp->if_xname); 227 228 ifp->if_flags |= IFF_UP | IFF_RUNNING; 229 getmicrotime(&ifp->if_lastchange); 230 231 for (ifa = TAILQ_FIRST(&ifp->if_addrhead); ifa; 232 ifa = TAILQ_NEXT(ifa, ifa_link)) { 233 if (ifa->ifa_addr == NULL) 234 error = EFAULT; 235 /* XXX: Should maybe return straight off? */ 236 else { 237 #ifdef INET 238 if (ifa->ifa_addr->sa_family == AF_INET) { 239 struct sockaddr_in *si; 240 241 si = (struct sockaddr_in *)ifa->ifa_addr; 242 if (si->sin_addr.s_addr) 243 tp->tun_flags |= TUN_IASET; 244 245 si = (struct sockaddr_in *)ifa->ifa_dstaddr; 246 if (si && si->sin_addr.s_addr) 247 tp->tun_flags |= TUN_DSTADDR; 248 } 249 #endif 250 } 251 } 252 return (error); 253 } 254 255 /* 256 * Process an ioctl request. 257 */ 258 int 259 tunifioctl(ifp, cmd, data, cr) 260 struct ifnet *ifp; 261 u_long cmd; 262 caddr_t data; 263 struct ucred *cr; 264 { 265 struct ifreq *ifr = (struct ifreq *)data; 266 struct tun_softc *tp = ifp->if_softc; 267 struct ifstat *ifs; 268 int error = 0, s; 269 270 s = splimp(); 271 switch(cmd) { 272 case SIOCGIFSTATUS: 273 ifs = (struct ifstat *)data; 274 if (tp->tun_pid) 275 sprintf(ifs->ascii + strlen(ifs->ascii), 276 "\tOpened by PID %d\n", tp->tun_pid); 277 break; 278 case SIOCSIFADDR: 279 error = tuninit(ifp); 280 TUNDEBUG("%s: address set, error=%d\n", 281 ifp->if_xname, error); 282 break; 283 case SIOCSIFDSTADDR: 284 error = tuninit(ifp); 285 TUNDEBUG("%s destination address set, error=%d\n", 286 ifp->if_xname, error); 287 break; 288 case SIOCSIFMTU: 289 ifp->if_mtu = ifr->ifr_mtu; 290 TUNDEBUG("%s: mtu set\n", 291 ifp->if_xname); 292 break; 293 case SIOCSIFFLAGS: 294 case SIOCADDMULTI: 295 case SIOCDELMULTI: 296 break; 297 default: 298 error = EINVAL; 299 } 300 splx(s); 301 return (error); 302 } 303 304 /* 305 * tunoutput - queue packets from higher level ready to put out. 306 */ 307 int 308 tunoutput(ifp, m0, dst, rt) 309 struct ifnet *ifp; 310 struct mbuf *m0; 311 struct sockaddr *dst; 312 struct rtentry *rt; 313 { 314 struct tun_softc *tp = ifp->if_softc; 315 int s; 316 317 TUNDEBUG ("%s: tunoutput\n", ifp->if_xname); 318 319 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 320 TUNDEBUG ("%s: not ready 0%o\n", ifp->if_xname, 321 tp->tun_flags); 322 m_freem (m0); 323 return EHOSTDOWN; 324 } 325 326 /* BPF write needs to be handled specially */ 327 if (dst->sa_family == AF_UNSPEC) { 328 dst->sa_family = *(mtod(m0, int *)); 329 m0->m_len -= sizeof(int); 330 m0->m_pkthdr.len -= sizeof(int); 331 m0->m_data += sizeof(int); 332 } 333 334 if (ifp->if_bpf) { 335 /* 336 * We need to prepend the address family as 337 * a four byte field. Cons up a dummy header 338 * to pacify bpf. This is safe because bpf 339 * will only read from the mbuf (i.e., it won't 340 * try to free it or keep a pointer to it). 341 */ 342 struct mbuf m; 343 uint32_t af = dst->sa_family; 344 345 m.m_next = m0; 346 m.m_len = 4; 347 m.m_data = (char *)⁡ 348 349 bpf_mtap(ifp, &m); 350 } 351 352 /* prepend sockaddr? this may abort if the mbuf allocation fails */ 353 if (tp->tun_flags & TUN_LMODE) { 354 /* allocate space for sockaddr */ 355 M_PREPEND(m0, dst->sa_len, MB_DONTWAIT); 356 357 /* if allocation failed drop packet */ 358 if (m0 == NULL){ 359 s = splimp(); /* spl on queue manipulation */ 360 IF_DROP(&ifp->if_snd); 361 splx(s); 362 ifp->if_oerrors++; 363 return (ENOBUFS); 364 } else { 365 bcopy(dst, m0->m_data, dst->sa_len); 366 } 367 } 368 369 if (tp->tun_flags & TUN_IFHEAD) { 370 /* Prepend the address family */ 371 M_PREPEND(m0, 4, MB_DONTWAIT); 372 373 /* if allocation failed drop packet */ 374 if (m0 == NULL){ 375 s = splimp(); /* spl on queue manipulation */ 376 IF_DROP(&ifp->if_snd); 377 splx(s); 378 ifp->if_oerrors++; 379 return ENOBUFS; 380 } else 381 *(u_int32_t *)m0->m_data = htonl(dst->sa_family); 382 } else { 383 #ifdef INET 384 if (dst->sa_family != AF_INET) 385 #endif 386 { 387 m_freem(m0); 388 return EAFNOSUPPORT; 389 } 390 } 391 392 s = splimp(); 393 if (IF_QFULL(&ifp->if_snd)) { 394 IF_DROP(&ifp->if_snd); 395 m_freem(m0); 396 splx(s); 397 ifp->if_collisions++; 398 return ENOBUFS; 399 } 400 ifp->if_obytes += m0->m_pkthdr.len; 401 IF_ENQUEUE(&ifp->if_snd, m0); 402 splx(s); 403 ifp->if_opackets++; 404 405 if (tp->tun_flags & TUN_RWAIT) { 406 tp->tun_flags &= ~TUN_RWAIT; 407 wakeup((caddr_t)tp); 408 } 409 if (tp->tun_flags & TUN_ASYNC && tp->tun_sigio) 410 pgsigio(tp->tun_sigio, SIGIO, 0); 411 selwakeup(&tp->tun_rsel); 412 return 0; 413 } 414 415 /* 416 * the cdevsw interface is now pretty minimal. 417 */ 418 static int 419 tunioctl(dev_t dev, u_long cmd, caddr_t data, int flag, struct thread *td) 420 { 421 int s; 422 struct tun_softc *tp = dev->si_drv1; 423 struct tuninfo *tunp; 424 425 switch (cmd) { 426 case TUNSIFINFO: 427 tunp = (struct tuninfo *)data; 428 if (tunp->mtu < IF_MINMTU) 429 return (EINVAL); 430 tp->tun_if.if_mtu = tunp->mtu; 431 tp->tun_if.if_type = tunp->type; 432 tp->tun_if.if_baudrate = tunp->baudrate; 433 break; 434 case TUNGIFINFO: 435 tunp = (struct tuninfo *)data; 436 tunp->mtu = tp->tun_if.if_mtu; 437 tunp->type = tp->tun_if.if_type; 438 tunp->baudrate = tp->tun_if.if_baudrate; 439 break; 440 case TUNSDEBUG: 441 tundebug = *(int *)data; 442 break; 443 case TUNGDEBUG: 444 *(int *)data = tundebug; 445 break; 446 case TUNSLMODE: 447 if (*(int *)data) { 448 tp->tun_flags |= TUN_LMODE; 449 tp->tun_flags &= ~TUN_IFHEAD; 450 } else 451 tp->tun_flags &= ~TUN_LMODE; 452 break; 453 case TUNSIFHEAD: 454 if (*(int *)data) { 455 tp->tun_flags |= TUN_IFHEAD; 456 tp->tun_flags &= ~TUN_LMODE; 457 } else 458 tp->tun_flags &= ~TUN_IFHEAD; 459 break; 460 case TUNGIFHEAD: 461 *(int *)data = (tp->tun_flags & TUN_IFHEAD) ? 1 : 0; 462 break; 463 case TUNSIFMODE: 464 /* deny this if UP */ 465 if (tp->tun_if.if_flags & IFF_UP) 466 return(EBUSY); 467 468 switch (*(int *)data & ~IFF_MULTICAST) { 469 case IFF_POINTOPOINT: 470 case IFF_BROADCAST: 471 tp->tun_if.if_flags &= ~(IFF_BROADCAST|IFF_POINTOPOINT); 472 tp->tun_if.if_flags |= *(int *)data; 473 break; 474 default: 475 return(EINVAL); 476 } 477 break; 478 case TUNSIFPID: 479 tp->tun_pid = curproc->p_pid; 480 break; 481 case FIONBIO: 482 break; 483 case FIOASYNC: 484 if (*(int *)data) 485 tp->tun_flags |= TUN_ASYNC; 486 else 487 tp->tun_flags &= ~TUN_ASYNC; 488 break; 489 case FIONREAD: 490 s = splimp(); 491 if (tp->tun_if.if_snd.ifq_head) { 492 struct mbuf *mb = tp->tun_if.if_snd.ifq_head; 493 for( *(int *)data = 0; mb != 0; mb = mb->m_next) 494 *(int *)data += mb->m_len; 495 } else 496 *(int *)data = 0; 497 splx(s); 498 break; 499 case FIOSETOWN: 500 return (fsetown(*(int *)data, &tp->tun_sigio)); 501 502 case FIOGETOWN: 503 *(int *)data = fgetown(tp->tun_sigio); 504 return (0); 505 506 /* This is deprecated, FIOSETOWN should be used instead. */ 507 case TIOCSPGRP: 508 return (fsetown(-(*(int *)data), &tp->tun_sigio)); 509 510 /* This is deprecated, FIOGETOWN should be used instead. */ 511 case TIOCGPGRP: 512 *(int *)data = -fgetown(tp->tun_sigio); 513 return (0); 514 515 default: 516 return (ENOTTY); 517 } 518 return (0); 519 } 520 521 /* 522 * The cdevsw read interface - reads a packet at a time, or at 523 * least as much of a packet as can be read. 524 */ 525 static int 526 tunread(dev, uio, flag) 527 dev_t dev; 528 struct uio *uio; 529 int flag; 530 { 531 struct tun_softc *tp = dev->si_drv1; 532 struct ifnet *ifp = &tp->tun_if; 533 struct mbuf *m0; 534 int error=0, len, s; 535 536 TUNDEBUG ("%s: read\n", ifp->if_xname); 537 if ((tp->tun_flags & TUN_READY) != TUN_READY) { 538 TUNDEBUG ("%s: not ready 0%o\n", ifp->if_xname, 539 tp->tun_flags); 540 return EHOSTDOWN; 541 } 542 543 tp->tun_flags &= ~TUN_RWAIT; 544 545 s = splimp(); 546 do { 547 IF_DEQUEUE(&ifp->if_snd, m0); 548 if (m0 == 0) { 549 if (flag & IO_NDELAY) { 550 splx(s); 551 return EWOULDBLOCK; 552 } 553 tp->tun_flags |= TUN_RWAIT; 554 if((error = tsleep((caddr_t)tp, PCATCH, 555 "tunread", 0)) != 0) { 556 splx(s); 557 return error; 558 } 559 } 560 } while (m0 == 0); 561 splx(s); 562 563 while (m0 && uio->uio_resid > 0 && error == 0) { 564 len = min(uio->uio_resid, m0->m_len); 565 if (len != 0) 566 error = uiomove(mtod(m0, caddr_t), len, uio); 567 m0 = m_free(m0); 568 } 569 570 if (m0) { 571 TUNDEBUG("%s: Dropping mbuf\n", ifp->if_xname); 572 m_freem(m0); 573 } 574 return error; 575 } 576 577 /* 578 * the cdevsw write interface - an atomic write is a packet - or else! 579 */ 580 static int 581 tunwrite(dev, uio, flag) 582 dev_t dev; 583 struct uio *uio; 584 int flag; 585 { 586 struct tun_softc *tp = dev->si_drv1; 587 struct ifnet *ifp = &tp->tun_if; 588 struct mbuf *top, **mp, *m; 589 int error=0, tlen, mlen; 590 uint32_t family; 591 int isr; 592 593 TUNDEBUG("%s: tunwrite\n", ifp->if_xname); 594 595 if (uio->uio_resid == 0) 596 return 0; 597 598 if (uio->uio_resid < 0 || uio->uio_resid > TUNMRU) { 599 TUNDEBUG("%s: len=%d!\n", ifp->if_xname, 600 uio->uio_resid); 601 return EIO; 602 } 603 tlen = uio->uio_resid; 604 605 /* get a header mbuf */ 606 MGETHDR(m, MB_DONTWAIT, MT_DATA); 607 if (m == NULL) 608 return ENOBUFS; 609 mlen = MHLEN; 610 611 top = 0; 612 mp = ⊤ 613 while (error == 0 && uio->uio_resid > 0) { 614 m->m_len = min(mlen, uio->uio_resid); 615 error = uiomove(mtod (m, caddr_t), m->m_len, uio); 616 *mp = m; 617 mp = &m->m_next; 618 if (uio->uio_resid > 0) { 619 MGET (m, MB_DONTWAIT, MT_DATA); 620 if (m == 0) { 621 error = ENOBUFS; 622 break; 623 } 624 mlen = MLEN; 625 } 626 } 627 if (error) { 628 if (top) 629 m_freem (top); 630 ifp->if_ierrors++; 631 return error; 632 } 633 634 top->m_pkthdr.len = tlen; 635 top->m_pkthdr.rcvif = ifp; 636 637 if (ifp->if_bpf) { 638 if (tp->tun_flags & TUN_IFHEAD) { 639 /* 640 * Conveniently, we already have a 4-byte address 641 * family prepended to our packet ! 642 * Inconveniently, it's in the wrong byte order ! 643 */ 644 if ((top = m_pullup(top, sizeof(family))) == NULL) 645 return ENOBUFS; 646 *mtod(top, u_int32_t *) = 647 ntohl(*mtod(top, u_int32_t *)); 648 bpf_mtap(ifp, top); 649 *mtod(top, u_int32_t *) = 650 htonl(*mtod(top, u_int32_t *)); 651 } else { 652 /* 653 * We need to prepend the address family as 654 * a four byte field. Cons up a dummy header 655 * to pacify bpf. This is safe because bpf 656 * will only read from the mbuf (i.e., it won't 657 * try to free it or keep a pointer to it). 658 */ 659 struct mbuf m; 660 uint32_t af = AF_INET; 661 662 m.m_next = top; 663 m.m_len = 4; 664 m.m_data = (char *)⁡ 665 666 bpf_mtap(ifp, &m); 667 } 668 } 669 670 if (tp->tun_flags & TUN_IFHEAD) { 671 if (top->m_len < sizeof(family) && 672 (top = m_pullup(top, sizeof(family))) == NULL) 673 return ENOBUFS; 674 family = ntohl(*mtod(top, u_int32_t *)); 675 m_adj(top, sizeof(family)); 676 } else 677 family = AF_INET; 678 679 ifp->if_ibytes += top->m_pkthdr.len; 680 ifp->if_ipackets++; 681 682 switch (family) { 683 #ifdef INET 684 case AF_INET: 685 isr = NETISR_IP; 686 break; 687 #endif 688 #ifdef INET6 689 case AF_INET6: 690 isr = NETISR_IPV6; 691 break; 692 #endif 693 #ifdef IPX 694 case AF_IPX: 695 isr = NETISR_IPX; 696 break; 697 #endif 698 #ifdef NETATALK 699 case AF_APPLETALK: 700 isr = NETISR_ATALK2; 701 break; 702 #endif 703 default: 704 m_freem(m); 705 return (EAFNOSUPPORT); 706 } 707 708 netisr_dispatch(isr, top); 709 return (0); 710 } 711 712 /* 713 * tunpoll - the poll interface, this is only useful on reads 714 * really. The write detect always returns true, write never blocks 715 * anyway, it either accepts the packet or drops it. 716 */ 717 static int 718 tunpoll(dev_t dev, int events, struct thread *td) 719 { 720 int s; 721 struct tun_softc *tp = dev->si_drv1; 722 struct ifnet *ifp = &tp->tun_if; 723 int revents = 0; 724 725 s = splimp(); 726 TUNDEBUG("%s: tunpoll\n", ifp->if_xname); 727 728 if (events & (POLLIN | POLLRDNORM)) { 729 if (ifp->if_snd.ifq_len > 0) { 730 TUNDEBUG("%s: tunpoll q=%d\n", ifp->if_xname, 731 ifp->if_snd.ifq_len); 732 revents |= events & (POLLIN | POLLRDNORM); 733 } else { 734 TUNDEBUG("%s: tunpoll waiting\n", ifp->if_xname); 735 selrecord(td, &tp->tun_rsel); 736 } 737 } 738 if (events & (POLLOUT | POLLWRNORM)) 739 revents |= events & (POLLOUT | POLLWRNORM); 740 741 splx(s); 742 return (revents); 743 } 744